git_url::
        The URL of a git repository that will be cloned and used to
        create the tarball. If this option is set, +git_hash+ should be
        set to select the commit to use.

hg_url::
        The URL of a mercurial repository that will be cloned and used
        to create the tarball. If this option is set, +hg_hash+ should
        be set to select the commit to use.

git_hash::
        A git hash, branch name or tag. This is what is used to create
        the tarball.

hg_hash::
        A mercurial changeset hash. This is what is used to create the
        tarball.

git_submodule::
        If this option is enabled, git submodules are fetched and
        included in the tarball. This option is disabled by default.

git_depth::
        An integer specifying a depth for shallow Git clone/fetch
        depth, to decrease network and storage usage.  If not set,
        shallow clone/fetch is disabled.

git_branch::
        A Git ref name that will be exclusively cloned/fetched, to
        decrease network and storage usage.  Must be a descendent
        (inclusive) of git_hash.  If not set, all Git refs are
        cloned/fetched.

compress_tar::
        If set, the tarball created will be compressed in the select
        format. Possible values: xz, gz, bz2.

commit_gpg_id::
        If set, the commit selected with +git_hash+ will have its
        signature checked. The tarball will not be created if there is
        no valid signature, and if the key used to sign it does not
        match the key ID from +commit_gpg_id+. The option can be set to
        a single gpg ID, or to a list of gpg IDs. The IDs can be short
        or long IDs, or full fingerprint (with no spaces). For this to
        work, the GPG keys should be present in the selected keyring
        (see +keyring+ option). If the option is set to 1 or an array
        containing 1 then any key from the selected keyring is accepted.
        On command line, the +--commit-gpg-id+ option can be listed
        multiple times to define a list of keys.

tag_gpg_id::
        If set, the commit selected with +git_hash+ should be a tag and
        will have its signature checked. The tarball will not be created
        if the tag doesn't have a valid signature, and if the key used
        to sign it does not match the key ID from +tag_gpg_id+. The
        option can be set to a single gpg ID, or to a list of gpg IDs.
        The IDs can be short or long IDs, or full fingerprint (with no
        spaces). For this to work, the GPG keys should be present in
        the selected keyring (see +keyring+ option). If the option is
        set to 1 or an array containing 1 then any key from the selected
        keyring is accepted. On command line, the +--tag-gpg-id+ option
        can be listed multiple times to define a list of keys.

gpg_wrapper::
        This is a template for a gpg wrapper script. The default wrapper
        will call gpg with the keyring specified by option +gpg_keyring+
        if defined.

gpg_keyring::
        The filename of the gpg keyring to use. Path is relative to the
        +gpg_keyring_dir+ directory. This can also be an absolute path.

gpg_keyring_dir::
        The directory containing gpg keyring files. The default is
        +$basedir/keyring+ (with $basedir the directory where the main
        config file is located).

gpg_bin::
        The gpg command to be used. The default is +gpg+.

gpg_args::
        Optional gpg arguments. The default is empty.
